--- /dev/null
+From bbc1c5e8ad6dfebf9d13b8a4ccdf66c92913eac9 Mon Sep 17 00:00:00 2001
+From: Lars Ellenberg <lars.ellenberg@linbit.com>
+Date: Wed, 9 Jul 2014 21:18:32 +0200
+Subject: drbd: fix regression 'out of mem, failed to invoke fence-peer helper'
+
+From: Lars Ellenberg <lars.ellenberg@linbit.com>
+
+commit bbc1c5e8ad6dfebf9d13b8a4ccdf66c92913eac9 upstream.
+
+Since linux kernel 3.13, kthread_run() internally uses
+wait_for_completion_killable(). We sometimes may use kthread_run()
+while we still have a signal pending, which we used to kick our threads
+out of potentially blocking network functions, causing kthread_run() to
+mistake that as a new fatal signal and fail.
+
+Fix: flush_signals() before kthread_run().
+
+Signed-off-by: Philipp Reisner <philipp.reisner@linbit.com>
+Signed-off-by: Lars Ellenberg <lars.ellenberg@linbit.com>
+Signed-off-by: Jens Axboe <axboe@fb.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/block/drbd/drbd_nl.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/drivers/block/drbd/drbd_nl.c
++++ b/drivers/block/drbd/drbd_nl.c
+@@ -514,6 +514,12 @@ void conn_try_outdate_peer_async(struct
+ struct task_struct *opa;
+
+ kref_get(&tconn->kref);
++ /* We may just have force_sig()'ed this thread
++ * to get it out of some blocking network function.
++ * Clear signals; otherwise kthread_run(), which internally uses
++ * wait_on_completion_killable(), will mistake our pending signal
++ * for a new fatal signal and fail. */
++ flush_signals(current);
+ opa = kthread_run(_try_outdate_peer_async, tconn, "drbd_async_h");
+ if (IS_ERR(opa)) {
+ conn_err(tconn, "out of mem, failed to invoke fence-peer helper\n");
--- /dev/null
+From bd8c78e78d5011d8111bc2533ee73b13a3bd6c42 Mon Sep 17 00:00:00 2001
+From: Johannes Berg <johannes.berg@intel.com>
+Date: Wed, 30 Jul 2014 14:55:26 +0200
+Subject: nl80211: clear skb cb before passing to netlink
+
+From: Johannes Berg <johannes.berg@intel.com>
+
+commit bd8c78e78d5011d8111bc2533ee73b13a3bd6c42 upstream.
+
+In testmode and vendor command reply/event SKBs we use the
+skb cb data to store nl80211 parameters between allocation
+and sending. This causes the code for CONFIG_NETLINK_MMAP
+to get confused, because it takes ownership of the skb cb
+data when the SKB is handed off to netlink, and it doesn't
+explicitly clear it.
+
+Clear the skb cb explicitly when we're done and before it
+gets passed to netlink to avoid this issue.
+
+Reported-by: Assaf Azulay <assaf.azulay@intel.com>
+Reported-by: David Spinadel <david.spinadel@intel.com>
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/wireless/nl80211.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/net/wireless/nl80211.c
++++ b/net/wireless/nl80211.c
+@@ -6568,6 +6568,9 @@ int cfg80211_testmode_reply(struct sk_bu
+ void *hdr = ((void **)skb->cb)[1];
+ struct nlattr *data = ((void **)skb->cb)[2];
+
++ /* clear CB data for netlink core to own from now on */
++ memset(skb->cb, 0, sizeof(skb->cb));
++
+ if (WARN_ON(!rdev->testmode_info)) {
+ kfree_skb(skb);
+ return -EINVAL;
+@@ -6594,6 +6597,9 @@ void cfg80211_testmode_event(struct sk_b
+ void *hdr = ((void **)skb->cb)[1];
+ struct nlattr *data = ((void **)skb->cb)[2];
+
++ /* clear CB data for netlink core to own from now on */
++ memset(skb->cb, 0, sizeof(skb->cb));
++
+ nla_nest_end(skb, data);
+ genlmsg_end(skb, hdr);
+ genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), skb, 0,
media-vb2-fix-vbi-poll-regression.patch
md-raid5-disable-discard-by-default-due-to-safety-concerns.patch
jiffies-fix-timeval-conversion-to-jiffies.patch
+drbd-fix-regression-out-of-mem-failed-to-invoke-fence-peer-helper.patch
+nl80211-clear-skb-cb-before-passing-to-netlink.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
